1 | <?php |
---|
2 | include('./n4d_lib.php'); |
---|
3 | include("./libphp/cryptojs-aes.php"); |
---|
4 | |
---|
5 | class UploadManager{ |
---|
6 | const ISOSPATH = "/opt/ltsp/isos/"; |
---|
7 | const FORMISONAME = "isofile"; |
---|
8 | private $info; |
---|
9 | private $original_name; |
---|
10 | private $ext; |
---|
11 | private $FILES; |
---|
12 | |
---|
13 | function __construct($FILESTOUPLOAD,$POST){ |
---|
14 | $this->file_info = pathinfo($FILESTOUPLOAD[self::FORMISONAME]['name']); |
---|
15 | $this->original_name = $this->file_info['filename']; |
---|
16 | $this->ext = $this->file_info['extension']; |
---|
17 | $this->FILES = $FILESTOUPLOAD; |
---|
18 | $this->user = $this->RSADecrypt($POST['user']); |
---|
19 | $this->password = $this->RSADecrypt($POST['password']); |
---|
20 | } |
---|
21 | |
---|
22 | private function get_valid_name(){ |
---|
23 | $dest = self::ISOSPATH . $this->original_name . "." .$this->ext; |
---|
24 | if(!file_exists($dest)){ |
---|
25 | return $dest; |
---|
26 | } |
---|
27 | for($i=1; $i<100; $i++){ |
---|
28 | $dest = self::ISOSPATH . $this->original_name . $i . "." .$this->ext; |
---|
29 | if(!file_exists($dest)) return $dest; |
---|
30 | } |
---|
31 | return null; |
---|
32 | } |
---|
33 | public function save_file(){ |
---|
34 | |
---|
35 | return array('result'=>False,"msg"=>"debug"); |
---|
36 | $cliente = new N4D('localhost'); |
---|
37 | try{ |
---|
38 | $result = $cliente->execute('validate_user',[$this->user,$this->password]); |
---|
39 | $groups = array('adm','admin'); |
---|
40 | if(!($result[0] && count(array_intersect($result[1],$groups)) >= 1)){ |
---|
41 | return array("result"=>False,"msg"=>"Invalid user"); |
---|
42 | } |
---|
43 | } |
---|
44 | catch (Exception $e){ |
---|
45 | return array("result"=>False,"msg"=>"Exception " . strval($e),"Exception"=>True); |
---|
46 | } |
---|
47 | |
---|
48 | $target = $this->get_valid_name(); |
---|
49 | $result = ["target"=>$target,"result"=>False]; |
---|
50 | if (!is_null($target)){ |
---|
51 | $result['result'] = move_uploaded_file($this->FILES[self::FORMISONAME]['tmp_name'],$target); |
---|
52 | if(!$result['result']){ |
---|
53 | $result['msg'] = "Error on upload file"; |
---|
54 | } |
---|
55 | } |
---|
56 | return $result; |
---|
57 | } |
---|
58 | |
---|
59 | private function RSADecrypt($crypttext){ |
---|
60 | $priv_key = openssl_pkey_get_private("file:///etc/admin-center/private_key.pem"); |
---|
61 | openssl_private_decrypt(base64_decode($crypttext), $newsource, $priv_key ); |
---|
62 | return $newsource; |
---|
63 | } |
---|
64 | } |
---|
65 | $uploadManager = new UploadManager($_FILES,$_POST); |
---|
66 | $result = $uploadManager->save_file(); |
---|
67 | |
---|
68 | # Response |
---|
69 | header('Content-Type: application/json'); |
---|
70 | echo json_encode($result); |
---|
71 | |
---|
72 | ?> |
---|